[ previous ] [ next ] [ threads ]
 From:  krt <kkrrtt at gmail dot com>
 To:  "Christopher M. Iarocci" <iarocci at eastendsc dot com>
 Cc:  Hans Mojave <root1981 at gmail dot com>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] FTP upload problem through monowall
 Date:  Sat, 26 May 2007 22:03:31 -0700
Sounds like the small state table problem, where a regular session is 
being clobbered by the new sessions (each file is a new TCP session in 
FTP land).  Since m0n0wall is stock tuned for tiny little "my lightbulb 
consumes more power" routers, this is how it is.

The proof of this would exist in the logs.  When the lockup occurs, do 
you see multiple drops for TCP 21, or whatever port your FTP control 
session is on?

FTP itself doesn't use UDP, so there is no issue there (though there 
might be a trickle of UDP data involved, like DNS queries and maybe 
backend authentication traffic like RADIUS)

Unfortunately, there aren't many ways of working around it at the time 
being for 1.2 - state table size is supposedly a compile time variable. 
  I hope that we'll see some method of state table size entry method, 
and perhaps a smarter overload algo in 1.3, where idle time is 
considered for reaping before session age.

Christopher M. Iarocci wrote:
> No solution here, but thought I'd report the same exact problem with 2 
> separate m0n0walls.  One running 1.23 and the other running 1.3b2.  One 
> of mine is connected to a cable modem, the other is connected to a Cisco 
> router that is connected to a 10MB fiber connection.
> Chris
> Hans Mojave wrote:
>> Hi there,
>> I´m running monowall 1.3b2 on a Wrap2E, using it as dsl-router... 
>> (internal 1gbit switched / adsl2+ 16m/1m)
>> When i upload many small files to an external ftp server (e.g. typo3 
>> installation and templates ~1800files) it happens that the ftp 
>> connection is hanging. This happens round about every 200Files:
>> -> File is uploading... Upload speed decreases to 0, ftp connection is 
>> hanging.
>> i have to hard-terminate the tcp session. Reconnect and resume 
>> uploading the next ~200files with fullspeed .
>> Its not a dsl-modem, ftp-server,dsl-connection or software problem. 
>> Tested that with Dlink804hv routers, 3 Pcs running different ftp 
>> software (windows tcp/syn connection limit was removed).
>> Downloading of many small files is no problem. Also uploading through 
>> ssl tunnels for example is stable. Uploading big files is no problem 
>> at all.
>> Is there an issue with the often changing data (udp) ports in 
>> monowall, which is charateristc for ftp?
>> Sorry for bad englisch and best regards
>> Hans
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch